1,285 enforcement actions from 14 federal and state jurisdictions. Every event traced back to its official government source.
1,285
Total Actions
14
Jurisdictions
$35.3B+
Total Fines Tracked
Texas Attorney General Ken Paxton initiated an investigation into Drone Nerds, LLC over its partnership with CCP-affiliated Anzu Robotics, which markets drones with concealed surveillance capabilities and unauthorized data collection risks. Drone Nerds is accused of deceiving Texas consumers by misrepresenting Anzu’s ties to China and falsely claiming the drones are U.S.-based with secure privacy practices. The investigation is being conducted under the Texas Deceptive Trade Practices Act, with a Civil Investigative Demand issued to gather evidence of consumer deception and privacy violations.
Environmental enforcement action where Oregon Attorney General Dan Rayfield, along with a coalition of states and cities, filed a lawsuit challenging the EPA's unlawful rescission of the 2009 Endangerment Finding on greenhouse gas emissions. The challenge argues that the rescission ignores scientific evidence and legal precedent, threatening public health and environmental protections.
Privacy enforcement action where Oregon AG and a coalition of 16 other states sue the Trump Administration to stop the Department of Education's new IPEDS data reporting requirements, arguing they jeopardize student privacy, lack proper definitions, and risk data errors and identification.
Consumer protection case involving theft of charitable funds. Former Alberta Main Street president Devon T. Horace pleaded no contest to theft and falsifying business records, paid $85,080.95 in restitution, and was sentenced to probation and community service.
BMG of Kansas, Inc. (Health Plan, KS) reported a HIPAA breach affecting 1,327 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Manhattan Retirement Foundation d/b/a Meadowlark Hills (Healthcare Provider, KS) reported a HIPAA breach affecting 14,442 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
AltaMed Health Services Corporation (Healthcare Provider, CA) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Couve Healthcare Consulting, LLC DBA Evergreen Healthcare Group (Business Associate, WA) reported a HIPAA breach affecting 11,795 individuals. Breach type: Hacking/IT Incident. Location of breached information: Electronic Medical Record.
QualDerm Partners, LLC (Healthcare Provider, TN) reported a HIPAA breach affecting 3,117,874 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
The Center for Advanced Eye Care (Healthcare Provider, ME) reported a HIPAA breach affecting 9,300 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Option Care Health, Inc. (Healthcare Provider, IL) reported a HIPAA breach affecting 2,086 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Texas Attorney General Ken Paxton filed a lawsuit against PDD Holdings, Inc. and WhaleCo Inc., doing business as Temu, for deceptive marketing and unlawful covert harvesting of Texans’ personal data that was exposed to the Chinese Communist Party. The suit alleges Temu functions as a 'trojan horse' e-commerce app that bypasses security protocols to create a backdoor into users’ private data, which is stored on servers in China. The lawsuit seeks monetary relief under the Texas Deceptive Trade Practices Act, including up to $10,000 per violation and up to $250,000 per violation targeting consumers aged 65 or older.
Texas Attorney General Ken Paxton filed a lawsuit against Temu (PDD Holdings, Inc. and WhaleCo Inc.) for deceptive marketing practices and illegally harvesting Texans' personal data, which was then exposed to the Chinese Communist Party. The suit seeks monetary damages under the Texas Deceptive Trade Practices Act, with potential penalties of up to $10,000 per violation and higher for seniors. This is part of a broader effort to hold CCP-aligned companies accountable.
VNS Behavioral Health Inc. (“VNS Health”) (Healthcare Provider, NY) reported a HIPAA breach affecting 739 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email.
Emanuel Medical Center (Healthcare Provider, GA) reported a HIPAA breach affecting 28,963 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Texas Attorney General Ken Paxton filed a lawsuit against TP-Link Systems Inc. for deceptively marketing its networking devices and enabling the Chinese Communist Party to access American consumers' devices. The lawsuit alleges that TP Link's products have been used by PRC state-sponsored hackers and that the company is subject to Chinese laws requiring data disclosure. This is part of a coordinated effort to hold China-aligned companies accountable under Texas law.
44North (Business Associate, MI) reported a HIPAA breach affecting 2,158 individuals. Breach type: Hacking/IT Incident. Location of breached information: Desktop Computer.
Easterseals Northeast Indiana (Healthcare Provider, IN) reported a HIPAA breach affecting 3,158 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Civil rights enforcement action where Oregon Attorney General submitted evidence supporting a lawsuit against federal agents for excessive use of force and First Amendment violations during protests at the Portland ICE building. The AG urges the court to issue a preliminary injunction to stop unlawful crowd-control measures.
Wee Care Pediatrics, LLC (Healthcare Provider, UT) reported a HIPAA breach affecting 2,127 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
National Association on Drug Abuse Problems (Healthcare Provider, NY) reported a HIPAA breach affecting 90,000 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cedar Valley Services (Healthcare Provider, MN) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Academic Urology & Urogynecology of Arizona (Healthcare Provider, AZ) reported a HIPAA breach affecting 73,281 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Resource Corporation of America (Business Associate, TX) reported a HIPAA breach affecting 501 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
VPS Medical PLLC (Healthcare Provider, PA) reported a HIPAA breach affecting 4,600 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
Cedar Point Health, LLC (Healthcare Provider, CO) reported a HIPAA breach affecting 23,114 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server.
University Spine Center (Healthcare Provider, NJ) reported a HIPAA breach affecting 582 individuals. Breach type: Hacking/IT Incident. Location of breached information: Network Server, Other.
Alexes Hazen MD, PLLC (Healthcare Provider, NY) reported a HIPAA breach affecting 500 individuals. Breach type: Hacking/IT Incident. Location of breached information: Email, Network Server.
Texas Attorney General Ken Paxton issued Civil Investigative Demands to Blue Cross Blue Shield of Texas and Conduent Business Services LLC as part of an investigation into a data breach that exposed the protected health information of approximately four million Texans. The breach, which occurred between October 21, 2024 and January 13, 2025, is believed to be the largest in U.S. history. The investigation focuses on Conduent's security measures and BCBS's compliance with state data protection laws.
Texas Attorney General Ken Paxton issued Civil Investigative Demands to Blue Cross Blue Shield of Texas and Conduent Business Services LLC as part of an investigation into a massive data breach at Conduent that exposed the protected health information of approximately four million Texans. The breach occurred between October 21, 2024 and January 13, 2025, affecting Texas Medicaid recipients and other residents. The AG's office is investigating the security failures and compliance with Texas law.
All data sourced from official government enforcement pages.